Data Protection Declaration
Change cookie consent
Thank you for your interest in the online presence and data protection declaration of OceanEvent GmbH (“OceanEvent”). It describes how we collect, use and process your personal data and how we comply with our legal obligations to you in doing so. The protection of your data is important to us. We have therefore made it our business to handle your data responsibly and to protect and safeguard it.
Of course, we comply with the legal provisions of the Data Protection Act (DSGVO), the Telecommunications Telemedia Data Protection Act (TTDSG) and other data protection regulations and would like to inform you about this in more detail below:
1. Scope of application, responsible entity and definitions
1.1 Scope of this privacy statement
This data protection declaration provides information on the processing of personal data in accordance with the General Data Protection Regulation (hereinafter “DS-GVO”) by OceanEvent
– when visiting and using OceanEvent’s website and social networks,
– Of (potential) customers,
– of participants in a charter organized by OceanEvent,
– by service providers as well as
– of applicants.
The data protection declaration informs the data subjects about the nature, scope and purpose of the collection and use of your personal data by OceanEvent as the controller within the meaning of the DS-GVO.
1.2 Responsible party for the processing of your personal data
Unless otherwise stated in this privacy statement, the following is responsible for processing your personal data:
OceanEvent GmbH
Branch Road 1
D-82319 Starnberg
Germany
represented by managing director Christian Muehleck
For processing in connection with marketing activities on social networks, we are jointly responsible with the providers of the social networks.
For processing in connection with the handling and execution of a charter, we are jointly responsible with the relevant shipping companies. If contractually agreed with the customer, the processing of personal data is carried out on behalf of Conference Management GmbH, with which a corresponding order processing agreement exists in accordance with Art. 28 DS-GVO.
1.3 Definitions
This data protection declaration is based on the following data protection terms, which we are happy to explain for ease of understanding:
a) DS-GVO is the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC).
b) Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients; the processing of such data by the aforementioned authorities shall be carried out in accordance with the applicable data protection legislation, in accordance with the purposes of the processing.
c) Personal data means any information relating to an identified or identifiable natural person, i.e. the data subject. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data may be, for example, name, contact details or passport data.
d) Controller means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. For the data processing described in this privacy statement, OceanEvent is the controller; in some cases jointly with other controllers.
e) Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, use, disclosure by transmission or otherwise making available, erasure or destruction. Processing may be, for example, the collection and transmission of your passport data as a participant in a charter.
2. Purpose, legal base and, if applicable, categories of data when processing your personal data
2.1 Processing of your data when visiting our website as well as in the context of marketing measures in social networks.
Processing when visiting our website is carried out for the following purposes and on the basis of the following legal grounds:
2.1.1 Processing for the purpose of IT security.
If you visit our website to find out about our offer and services without registering for the newsletter or otherwise actively providing us with information, e.g. via the contact form / ship request, we also process your personal data. In addition, we process your personal data in the context of marketing measures in social networks.
When you visit our website, we process your personal data that is technically necessary for us to provide you with our website and to ensure the stability and security when you visit our website. For this purpose, we process the following personal data:
Access data/ Server log files
We collect data about every access to our website (so-called server log files). The access data includes:
– Name of the accessed website
– File, date and time of access
– Amount of data transferred
– Message about successful retrieval
– Browser type and version
– Operating system of the user
– Referrer URL (the previously visited page)
– Shortened IP address
– Requesting provider
We use this log data only for statistical analysis for the purpose of operating, securing and optimizing our website. However, we reserve the right to subsequently check the log data if there is a justified suspicion of unlawful use based on concrete indications.
We process your personal data on the basis of our legitimate interest in providing you with the website and ensuring IT security for you when you visit the website, based on Art.6 para.1 p.1 lit. f) DSGVO.
2.1.2 Processing for the purpose of customer contact and advertising
When contacting us (for example, via the contact form/ship inquiry or by e-mail), your information will be stored for the purpose of processing the inquiry and in the event that follow-up questions arise.
Contact
If you contact us via our contact form/ship inquiry, we process the personal data you provide here, such as
– name, first name
– e-mail address and telephone number
The processing of your personal data is based on your consent, Art. 6 para.1 p.1 lit. a) DS-GVO.
Newsletter registration
When you fill out our newsletter web form and submit it, you consent to the data you have entered being transmitted to us by clicking on the “Submit” button below. The data entered will be stored and used exclusively for processing your request. Specifically, this means sending you a newsletter informing you about new cruise ships, special charter offers and destinations for your maritime event.
We process your personal data for the purpose of customer contact and advertising on the basis of your consent within the meaning of Art.6 para.1 p.1 lit. a) DS-GVO. According to the DS-GVO, you have the right to revoke your consent to the storage, processing and use of your data at any time with effect for the future by sending a message to OceanEvent (info@oceanevent.com). If you revoke your consent, we will process your personal data collected in this context to fulfill a legal obligation based on Art.6 para.1 p.1 lit. c) DS-GVO.
2.1.3 Processing of your personal data for analysis purposes and for the purpose of individual recommendations on our website.
When you visit our website, we analyze and document your user behavior in order to display individual recommendations on our website based on this data. For this purpose, we process the following personal data:
– IP address (shortened)
– cookies
We process your personal data on the basis of your consent within the meaning of Art.6 para.1 p.1 lit. a) DS-GVO, which you have given us in the context of the website visit. If you wish to object to the data processing of playing out product recommendations, please click on the following link: Cookie settings.
Cookies
Cookies are small text files that are stored in the browsers of your end devices when you visit our website. Cookies allow your actions and settings on our website to be stored and tracked for the duration of the browser session and possibly beyond. In addition, cookies enable the recognition of your browser. You can access the use of cookies
a) influence the settings of your browser. Most browsers have an option to restrict or completely prevent the storage of cookies. However, we would like to point out that the use and in particular the user comfort of our website may be limited without cookies.
b) Influence by clicking on the following link and changing the settings there: Cookie settings
Google Analytics 4
For analysis, we use Google Analytics 4 on our website, which is a web analytics service provided by Google Ireland Ltd (“Google”). Google Analytics uses cookies that enable an analysis of the use of our website. The declarations generated by the cookie about the use of our website are usually transferred to the U.S. via a Google Analytics 4 server operated by us in Europe and stored there. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of their personal data. You can find out more here: https://business.safety.google/adsprocessorterms/sccs/p2p-intra-group/
We shorten your IP address on the server operated by us before it is transferred to a server of Google Analytics 4. Google Analytics will use these statements on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services to OceanEvent relating to website activity and internet usage. You can find more detailed explanations of the terms of use and data protection of Google Analytics 4 at: https://support.google.com/analytics/answer/6004245
Google Tag Manager
We use the Google Tag Manager to optimize our website. This is an organizational tool that allows us to integrate and manage website tags centrally and via a user interface. Tags are small sections of code that, for example, record (track) your activities on our website.
The Google Tag Manager itself is a domain that does not set any cookies or store any data. It acts as a mere manager of the implemented tags.
Experience Analytics Tool by Hotjar Ltd.
For the aforementioned purposes, we use, among other things, a user experience analytics tool from Hotjar Ltd. that allows us to better understand the needs of our website visitors and optimize the offer and experience on this website. This tool works with cookies and other technologies to collect data about the behavior of our users and about your terminal devices. For this purpose, we process the following (personal data):
– IP address of the device
– Screen size, device type browser used
– Location (country only) and preferred language for viewing our website
– Keyboard and mouse inputs (movements, position and clicks)
– Referral URL and domain
– website visit with date and time
You can prevent the collection of the declarations by preventing the storage of cookies through an appropriate setting in your browser software or by deactivating tracking under Cookie Settings. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Calendly
We use “Calendly” on our website. This is a planning and organization tool. The service provider is the American company Calendly LCC, 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363 USA. Calendly also processes data in the U.S.A., among other places.
We would like to point out that according to the opinion of the ECJ, there is currently no adequate level of protection for the transfer of data to the U.S.A.. This may be accompanied by various risks to the lawfulness and security of data processing.
As a basis for data processing with recipients located in third countries (outside the EU, Iceland, Liechtenstein Norway, i.e. in particular U.S.A.) or a data transfer there, Calendly uses standard contractual clauses approved by the EU Commission (see Art. 46 para.2 and 3 DSGVO). These clauses oblige Calendly to comply with the EU level of data protection when processing relevant data outside the EU.
You can learn more about the data processed by using Calendly in Calendly’s privacy policy.
2.1.4 Processing for the purpose of advertising on social networks
In Meta’s social networks and apps, such as Facebook, Instagram, Messenger or LinkedIn, we regularly display advertisements, so-called social media ads. If you have an account in these social networks and agree to the display of advertisements via your account settings in the social network, you will be shown corresponding recommendations on our products and services when using the social network. The recommendations are generated on the basis of your interests stored in your public profile on the respective social network. In doing so, we process your public profile data. We show you individual advertising and offers on the basis of your interests stored in your public profile. In doing so, we process in particular
– Your IP address,
– your device/cookie ID,
– Page/feed activity,
– social connections
in order to measure the success of the display. We process your personal data on the basis of your consent within the meaning of Art. 6 para. 1 sentence 1 lit. a) DS-GVO.
In the process, your personal data is transferred to the U.S.A. This data transfer takes place on the basis of EU standard contractual clauses. This ensures adequate protection of your personal data.
For further details on data processing, we refer you to the privacy statements of the respective social network (Facebook, Instagram, LinkedIn).
2.2 Processing of your personal data in the context of a business relationship and for the performance of a charter
2.2.1 Processing of personal data of our (potential) customers.
If a business relationship between you and OceanEvent is in the offing or if a business relationship exists with you, we process your personal data for this purpose. This includes
– Name, first name
– e-mail address
– your position in the company and
– a telephone number with extension.
We use personal information about interested parties and customers to carry out pre-contractual measures (e.g. for the transmission of offers) as well as for the conclusion and execution of your contract Legal basis for this processing of personal data is Art. 6 para.1 p.1 lit.b) DS-GVO.
2.2.2 Processing of personal data of the participants of a charter
Upon conclusion of a charter contract and organization of the charter by us, personal data of your participants will also be collected and stored. This includes in particular
– name, first name
– address, e-mail address
– E-mail address and telephone number
– Other passport data
– Emergency data
– Health data such as allergies and food intolerances as well as additional personal data such as clothing size for special program points and/or activities e.g. bike tour, diving
Personal data of participants our charters we use to ensure that the contractual agreements between us and the relevant shipping companies and local service providers can be properly implemented. Here, the processing is based on Art. 6 para.1 p.1 lit. b) DS-GVO.
In addition, the processing of participant data is necessary in particular for the transfer to the local authorities on the Cruise by the shipping company. The processing is based on Art. 6 para.1 p.1 lit. e) DS-GVO.
The processing of personal data concerning the health of the participants is based on Art.6 Abs.1S.1 lit. d) DS-GVO.
For the processing of participant data, we offer our customers the option of using the online tool “Conference Manager” provided by our service provider, Conference Management GmbH. In this case, the processing of your personal data by Conference Management GmbH takes place on the basis of a contract processing agreement pursuant to Art. 28 para.1 DS-GVO.
We would like to point out that participation in the charter is not possible without recording the participant data. The participant data will be stored for a maximum of 14 calendar days after the charter has been carried out and then deleted.
2.3 Processing of personal data of our service providers and suppliers
We use personal data of our suppliers and service providers to ensure that the contractual agreements between us can be properly implemented and thus a smooth business relationship is possible, Art. 6 para.1 p.1 lit.b DS-GVO. On the other hand, to ensure compliance with legal requirements, Art. 6 para.1 p.1 lit.c) DS-GVO.
2.4 Processing of personal data of applicants
The reason for processing your personal information about you as an applicant is to assess whether your application to OceanEvent fits the requirements of our vacant positions. All the information we have about you, your skills and your goals helps us to make you an individually tailored job offer.
3. Disclosure of personal data
We may share your personal information with the following recipients, as appropriate and in accordance with local laws and regulations:
– Tax, audit or other authorities if we believe in good faith that we are required by law or other regulation to disclose such data.
– Shipping companies to whom we are required to submit a so-called manifest, which includes the passport data, address, telephone number, e-mail address and other personal data of the participants a charter.
Cruise ships are required by international maritime law to maintain such a manifest.
– External service providers who perform services on our behalf and/or for our clients (including local event agencies, airlines, as well as lawyers, accountants and auditors, and technical support staff for development and testing work on our company’s IT and CRM systems).
– Providers of externally contracted services and storage providers with whom a corresponding processing agreement is in place (including email delivery services, lettershops, and the like).
4. Protection of personal data
We take all reasonable and appropriate technical and organizational measures to protect the personal information we store from misuse, loss or unauthorized access. This applies to internal storage on our systems, includes the protection of our systems against external access and extends to the secure transfer of data to the above-mentioned third parties. Insofar as this is an order processing relationship, we have of course concluded the corresponding agreements in accordance with Art. 28 DS-GVO.
5. Your rights
In accordance with the DS-GVO, you can demand at any time that we
– Provide you with information about the personal data concerning you that we process (Art.15 DS-GVO),
– correct personal data concerning you that is incorrect (Art.16 DS-GVO) and/or
– Delete (Art.17 DS-GVO), block (Art.18 DS-GVO) and/or surrender (Art.20 DS-GVO) your personal data stored by us.
Please address your request
– By e-mail to info@oceanevent.com
– By telephone to +49.8151.746.490
– In writing to OceanEvent GmbH, Seearkaden, Zweigstraße 1, 82319 Starnberg, Germany
If you assert your right against us, we will process your personal data collected in this context in order to respond to your request. The processing of your personal data is carried out for the fulfillment of a legal obligation on the basis of Art.6 Abs.1 S.1 lit.c) DS-GVO.
6. Miscellaneous
The provisions of this privacy statement apply in the version valid at the time of use on our website. We reserve the right to amend or change the content of the data protection declaration. The updated version shall apply from the time it was published on our website.
7. Contact
Please direct any questions regarding data protection to CEO, Christian Muehleck by e-mail at info@oceanevent.com or by telephone at +49.8151.746.490.